public inbox for libc-ports@sourceware.org
 help / color / mirror / Atom feed
* All machines: Pointer guard testing update (Bug 15754, CVE-2013-4788).
@ 2013-09-26 14:52 Carlos O'Donell
  2013-09-26 15:39 ` Will Newton
  2013-09-27  1:06 ` Kaz Kojima
  0 siblings, 2 replies; 6+ messages in thread
From: Carlos O'Donell @ 2013-09-26 14:52 UTC (permalink / raw)
  To: libc-ports

All machines,

The fix for CVE-2013-4788 (bug 15754) contains a regression
test to ensure that the pointer guard is both random and
changes between processes.

In order to create the test it was necessary to add a new
accessor macro POINTER_CHK_GUARD to allow the regression
test to locate and read the pointer guard value from outside
of the library.

I have added a POINTER_CHK_GUARD implementation for *all*
machines. You need not do any work at this point. However,
for some machines I wrote the implementation without testing
it e.g. stack guard was just before pointer guard so
POINTER_CHK_GUARD is the same code with a different offset.

My request is that you run the testsuite and verify that
tst-ptrguard1 and tst-ptrguard1-static pass. If they don't
pass please email me and we can work out what might be
wrong with your POINTER_CHK_GUARD implementation.

Cheers,
Carlos.

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2013-09-27  2:15 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-09-26 14:52 All machines: Pointer guard testing update (Bug 15754, CVE-2013-4788) Carlos O'Donell
2013-09-26 15:39 ` Will Newton
2013-09-26 16:26   ` Richard Henderson
2013-09-27  1:06 ` Kaz Kojima
2013-09-27  1:43   ` Carlos O'Donell
2013-09-27  2:15     ` Kaz Kojima

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).